Policy-Based Implicit Attestation for Microkernel-Based Virtualized Systems

  • Steffen Wagner
  • Claudia Eckert
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9866)


We present an attestation mechanism that enables a remote verifier to implicitly evaluate the trustworthiness of the prover’s system through policies. Those policies are verified and enforced by a TPM 2.0 when the verifier interacts with a virtualized hardware component of the prover’s system. For instance, when the verifier reads a virtualized sensor device and requests integrity-protected sensor data, such as the average temperature, a heartbeat value, or an anomaly detection score, the prover’s TPM, which acts as a trust anchor, checks and enforces the policies specified by the verifier. The prover, in turn, is also able to define policies, which can limit access to certain hardware components and are likewise enforced by the TPM. As a result, both parties have to cooperate for a successful attestation, which implicitly creates verifiable proof of the prover’s trustworthiness using mainly symmetric cryptographic operations instead of expensive asymmetric ones such as digital signatures.
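As an added illustration (not the paper's protocol or the authors' prototype), the following Python model shows the mechanism the abstract describes: the verifier specifies a TPM 2.0 policy (PolicyPCR followed by PolicyCommandCode), the prover's TPM releases an HMAC over the sensor reading only if its live state satisfies that policy, and the verifier checks the symmetric tag instead of a signature. The policy-digest extension rules and command codes follow the TPM 2.0 Library specification; the pre-shared HMAC key, the simplified TPM class and the sample PCR values are constructed assumptions, and the prover-defined policies mentioned in the abstract are omitted.

```python
import hashlib
import hmac
import struct

# TPM 2.0 command codes (TCG TPM 2.0 Library, Part 2); SHA-256 is the policy hash
TPM_CC_PolicyCommandCode, TPM_CC_PolicyPCR, TPM_CC_HMAC = 0x16C, 0x17F, 0x155
H = lambda b: hashlib.sha256(b).digest()
# Marshaled TPML_PCR_SELECTION: one SHA-256 bank (0x000B), 3 select bytes, PCRs 0 and 1
PCR_SEL = struct.pack(">IHB", 1, 0x000B, 3) + bytes([0x03, 0x00, 0x00])

def ext_policy_pcr(digest, pcr_values):
    """TPM2_PolicyPCR: digest' = H(digest || CC || pcrs || H(selected PCR values))."""
    return H(digest + struct.pack(">I", TPM_CC_PolicyPCR) + PCR_SEL + H(b"".join(pcr_values)))

def ext_policy_command_code(digest, code):
    """TPM2_PolicyCommandCode: digest' = H(digest || CC || code); ties the key to one command."""
    return H(digest + struct.pack(">II", TPM_CC_PolicyCommandCode, code))

def verifier_policy(expected_pcrs):
    """Verifier-defined policy: PCRs hold the expected measurements AND the key is HMAC-only."""
    return ext_policy_command_code(ext_policy_pcr(bytes(32), expected_pcrs), TPM_CC_HMAC)

class MiniTPM:
    """Toy model (constructed) of the prover's TPM: live PCRs plus an HMAC key whose authPolicy is the verifier's digest."""
    def __init__(self, pcrs, key, auth_policy):
        self.pcrs, self.key, self.auth_policy = pcrs, key, auth_policy
    def run_policy_session(self):
        # The TPM extends the session with its *actual* PCR values; the prover cannot substitute them.
        return ext_policy_command_code(ext_policy_pcr(bytes(32), self.pcrs), TPM_CC_HMAC)
    def hmac_cmd(self, session_digest, data):
        if not hmac.compare_digest(session_digest, self.auth_policy):
            raise PermissionError("TPM_RC_POLICY_FAIL")  # policy unsatisfied: no proof is produced
        return hmac.new(self.key, data, "sha256").digest()

def attest(tpm, sensor_data):
    """Prover side: return the policy-authorized HMAC over the reading, or None if the TPM refuses."""
    try:
        return tpm.hmac_cmd(tpm.run_policy_session(), sensor_data)
    except PermissionError:
        return None

def verify(key, sensor_data, tag):
    """Verifier side: a valid tag implies the TPM's policy, hence the expected PCR state, held."""
    return tag is not None and hmac.compare_digest(hmac.new(key, sensor_data, "sha256").digest(), tag)

# Constructed sample data: expected measurements of microkernel and sensor VM, and a pre-shared key
GOOD_PCRS, TAMPERED_PCRS = [H(b"microkernel v1"), H(b"sensor-vm v1")], [H(b"microkernel v1"), H(b"modified vm")]
KEY, READING = b"pre-shared-verifier-key-32bytes!", b"avg_temp=21.5"
POLICY = verifier_policy(GOOD_PCRS)
```

With GOOD_PCRS the TPM satisfies the policy and `verify` accepts the tag; with TAMPERED_PCRS the session digest differs from the key's authPolicy, the TPM returns TPM_RC_POLICY_FAIL and the prover has nothing to present.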


Keywords: Remote attestation, Trusted platform module, Policy, Data integrity, Microkernel



Parts of this work were funded by the Industrial Data Space project (GN: 01IS15054) of the German Federal Ministry of Education and Research. We would also like to thank Sergej Proskurin and Tamas Bakos for contributing to our prototype and to the TPM 2.0 Simulator Extraction Script.



Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  1. Fraunhofer Institute AISEC, Munich, Germany
  2. Technische Universität München, Munich, Germany
